[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] NexorONE Online Banking - Multiple Cross Site Vulnerabilities
From:       "research () vulnerability-lab ! com" <research () vulnerability-lab ! com>
Date:       2012-02-05 18:09:49
Message-ID: 4F2EC5ED.1070304 () vulnerability-lab ! com
[Download RAW message or body]

Title:
======
NexorONE Online Banking - Multiple Cross Site Vulnerabilities


Date:
=====
2012-02-04


References:
===========
http://www.vulnerability-lab.com/get_content.php?id=304


VL-ID:
=====
304


Introduction:
=============
NexorONE is the leading online banking software provider for Private International \
banks, Offshore Financian Institutions, Savings and Loans, Credit unions, Investmenet \
Fund Managers and Payement Processing Companies.

NexorONE has already been demployed to more than 200 financial entities worldwide, \
spread out throught 20 countries and in 12 different languages. with this market \
experience we know we can fulfill your business demands.

(Copy of the Vendor Homepage: https://www.nexorone.com/ )


Abstract:
=========
Vulnerability-Lab Team (Chokri B.A.) discovered multiple non-persistent Cross Site \
Scripting vulnerabilities on the NexorONE Online Banking Software.


Report-Timeline:
================
2011-10-05:	Vendor Notification 1
2011-11-13:	Vendor Notification 2
2011-12-17:	Vendor Notification 3
2012-02-04:	Public or Non-Public Disclosure


Status:
========
Published


Exploitation-Technique:
=======================
Remote


Severity:
=========
Medium


Details:
========
A non-persistent cross site scripting vulnerability is detected on the NexorONE \
Online Banking Software.  Successful exploitation of the vulnerability allows an \
attacker to hijack user/mod/admin sessions of the portal.

Vulnerable file(s):
							[+] login.php

Vulnerable Param(s):
							[+] ?visitor_language=
							[+] ?message=

Picture(s):
							../1.png
							../2.png
							../3.png


Proof of Concept:
=================
The vulnerabilities can be exploited by remote attackers with required user inter \
action. For demonstration or reproduce ...

PoC 1:
<div class="login_line2">_QUESTION_NEW_CUSTOMER <a \
href="register.php?visitor_language=english\ "><img \
src=http://www.vulnerability-lab.com/gfx/partners/vlab.png>" \
tabindex="4">_REGISTER</a>	 <=[x] </div></form>


PoC 2:
<div class="login_line2">_QUESTION_NEW_CUSTOMER <a \
href="register.php?visitor_language=english\\\ "><iframe \
src=http://www.vulnerability-lab.com onload=alert(vulnerabilitylab) height=800px \
width=900px>	 <=[x] " tabindex="4">_REGISTER</a></div></form>

PoC 3:
<div id="login">
<table cellspacing="0" class="message"><tr><td><center>Registration_successful>
<iframe src=http://www.vulnerability-lab.com onload=\"alert(vulnerabilitylab);\" \
height=\"800px\" width=\"900px\">	 <=[x] </center></td></tr></table>


Risk:
=====
The security risk of the non-reflective cross site scripting vulnerabilities are \
estimated as medium.


Credits:
========
Vulnerability Research Laboratory - Chokri B.A. (Me!ster the White)


Disclaimer:
===========
The information provided in this advisory is provided as it is without any warranty. \
Vulnerability-Lab disclaims all warranties,  either expressed or implied, including \
the warranties of merchantability and capability for a particular purpose. \
Vulnerability- Lab or its suppliers are not liable in any case of damage, including \
direct, indirect, incidental, consequential loss of business  profits or special \
damages, even if Vulnerability-Lab or its suppliers have been advised of the \
possibility of such damages. Some  states do not allow the exclusion or limitation of \
liability for consequential or incidental damages so the foregoing limitation  may \
not apply. Any modified copy or reproduction, including partially usages, of this \
file requires authorization from Vulnerability- Lab. Permission to electronically \
redistribute this alert in its unmodified form is granted. All other rights, \
including the use of  other media, are reserved by Vulnerability-Lab or its \
suppliers.

    						Copyright © 2012|Vulnerability-Lab




-- 
Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com
Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic